I’ve seen similar figures from other organisations and countries, so the stats don’t suprise me.
My peers and I have always called this Armadillo security, hard on the outside, soft on the inside.
Firewall, IDS, etc…all protecting the exterior of the network, only edge devices, nothing inside, not much policies, not much privelege segregation, anyone inside can [...]
So you better make sure you do.
As we discussed in the article on Social Engineering in Penetration Testing, it’s not that the employees don’t care as such, it’s that they don’t know. They haven’t been educated, they are ignorant, their awareness of best practise is low.
An experiment carried out within London’s square mile has revealed [...]
This is actually a very interesting debate.
Just to introduce if you don’t know..
What is Penetration Testing
A penetration test is a method of evaluating the security of a computer system or network by simulating an attack by a malicious cracker. The process involves an active analysis of the system for any weaknesses, technical flaws or vulnerabilities. [...]
